EP4027276A1 - Anomaly detection based on an event tree - Google Patents
- Publication number
- EP4027276A1 (application EP21210451.7A)
- Authority
- EP
- European Patent Office
- Prior art keywords
- event
- attribute
- node
- attributes
- nodes
- Prior art date
- Legal status
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/23—Updating
- G06F16/2365—Ensuring data consistency and integrity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/01—Dynamic search techniques; Heuristics; Dynamic trees; Branch-and-bound
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Evolutionary Computation (AREA)
- Artificial Intelligence (AREA)
- Databases & Information Systems (AREA)
- Computational Linguistics (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Medical Informatics (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/144,829 US11893005B2 (en) | 2021-01-08 | 2021-01-08 | Anomaly detection based on an event tree |
Publications (1)
Publication Number | Publication Date |
---|---|
EP4027276A1 (de) | 2022-07-13 |
Family
ID=78819279
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP21210451.7A Pending EP4027276A1 (de) | 2021-01-08 | 2021-11-25 | Anomaly detection based on an event tree |
Country Status (2)
Country | Link |
---|---|
US (1) | US11893005B2 (de) |
EP (1) | EP4027276A1 (de) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2024068875A1 (en) * | 2022-09-28 | 2024-04-04 | Leybold Gmbh | Method for a vacuum pump system |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
BR112021010468A2 (pt) * | 2018-12-31 | 2021-08-24 | Intel Corporation | Security systems that employ artificial intelligence |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20200389476A1 (en) * | 2019-06-04 | 2020-12-10 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and arrangement for detecting anomalies in network data traffic |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8037535B2 (en) * | 2004-08-13 | 2011-10-11 | Georgetown University | System and method for detecting malicious executable code |
US20090323516A1 (en) * | 2008-06-27 | 2009-12-31 | Microsoft Corporation | Diagnosing network problems |
JP5339507B2 (ja) * | 2008-10-01 | 2013-11-13 | International Business Machines Corporation | Method for searching a tree structure |
US20120254333A1 (en) * | 2010-01-07 | 2012-10-04 | Rajarathnam Chandramouli | Automated detection of deception in short and multilingual electronic messages |
US8504876B2 (en) * | 2010-04-30 | 2013-08-06 | The Mitre Corporation | Anomaly detection for database systems |
EP2633445A4 (de) * | 2010-10-25 | 2014-09-17 | Intelius Inc | Cost-efficient alternating decision trees for record linkage |
US8682812B1 (en) * | 2010-12-23 | 2014-03-25 | Narus, Inc. | Machine learning based botnet detection using real-time extracted traffic features |
US10230747B2 (en) * | 2014-07-15 | 2019-03-12 | Cisco Technology, Inc. | Explaining network anomalies using decision trees |
US10045218B1 (en) * | 2016-07-27 | 2018-08-07 | Argyle Data, Inc. | Anomaly detection in streaming telephone network data |
US10902062B1 (en) * | 2017-08-24 | 2021-01-26 | Amazon Technologies, Inc. | Artificial intelligence system providing dimension-level anomaly score attributions for streaming data |
US11194906B2 (en) * | 2018-07-31 | 2021-12-07 | Nec Corporation | Automated threat alert triage via data provenance |
US11516235B2 (en) * | 2018-10-04 | 2022-11-29 | Kaalbi Technologies Private Limited | System and method for detecting bots based on anomaly detection of JavaScript or mobile app profile information |
US11531915B2 (en) * | 2019-03-20 | 2022-12-20 | Oracle International Corporation | Method for generating rulesets using tree-based models for black-box machine learning explainability |
US11294756B1 (en) * | 2019-09-19 | 2022-04-05 | Amazon Technologies, Inc. | Anomaly detection in a network |
US20220129791A1 (en) * | 2020-10-28 | 2022-04-28 | Oracle International Corporation | Systematic approach for explaining machine learning predictions |
US11574057B2 (en) * | 2020-10-29 | 2023-02-07 | Dell Products L.P. | Encryption as a service with request pattern anomaly detection |
US11824877B2 (en) * | 2020-11-10 | 2023-11-21 | Armis Security Ltd. | System and method for anomaly detection interpretation |
US11374919B2 (en) * | 2020-11-18 | 2022-06-28 | Okta, Inc. | Memory-free anomaly detection for risk management systems |
- 2021-01-08: US application US17/144,829, publication US11893005B2 (en), status: Active
- 2021-11-25: EP application EP21210451.7A, publication EP4027276A1 (de), status: Pending
Non-Patent Citations (1)
Title |
---|
STRIPLING EUGEN ET AL: "Isolation-based conditional anomaly detection on mixed-attribute data to uncover workers' compensation fraud", DECISION SUPPORT SYSTEMS, ELSEVIER, AMSTERDAM, NL, vol. 111, 22 April 2018 (2018-04-22), pages 13 - 26, XP085405661, ISSN: 0167-9236, DOI: 10.1016/J.DSS.2018.04.001 * |
Also Published As
Publication number | Publication date |
---|---|
US11893005B2 (en) | 2024-02-06 |
US20220222238A1 (en) | 2022-07-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11411966B2 (en) | Processing anomaly data to identify threats to network security | |
AU2017224993B2 (en) | Malicious threat detection through time series graph analysis | |
US10521584B1 (en) | Computer threat analysis service | |
US10038710B2 (en) | Efficient identification of log events in enterprise threat detection | |
US10121000B1 (en) | System and method to detect premium attacks on electronic networks and electronic devices | |
US10706144B1 (en) | Cyber defense with graph theoretical approach | |
CN109074454B (zh) | Automatically grouping malware based on artifacts | |
US20200177608A1 (en) | Ontology Based Persistent Attack Campaign Detection | |
US20200004957A1 (en) | Machine learning-based security alert escalation guidance | |
EP4027276A1 (de) | Anomaly detection based on an event tree | |
Kim et al. | WebMon: ML-and YARA-based malicious webpage detection | |
US20230418938A1 (en) | Attack kill chain generation and utilization for threat analysis | |
US20240152626A1 (en) | Security Event Modeling and Threat Detection Using Behavioral, Analytical, and Threat Intelligence Attributes | |
Sommestad et al. | Variables influencing the effectiveness of signature-based network intrusion detection systems | |
Yüksel et al. | Towards useful anomaly detection for back office networks | |
US20240045957A1 (en) | Utilizing machine learning to detect ransomware in code | |
EP4105802A1 (de) | Method, computer-readable medium and system for detecting malware in hierarchically structured files | |
EP4283952A1 (de) | Tunneling detection for domain name system | |
US20230056625A1 (en) | Computing device and method of detecting compromised network devices | |
US20230156017A1 (en) | Quantification of Adversary Tactics, Techniques, and Procedures Using Threat Attribute Groupings and Correlation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION HAS BEEN PUBLISHED |
| AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
| 17P | Request for examination filed | Effective date: 20221215 |
| RBV | Designated contracting states (corrected) | Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
| REG | Reference to a national code | Ref country code: HK Ref legal event code: DE Ref document number: 40078648 Country of ref document: HK |
| P01 | Opt-out of the competence of the unified patent court (upc) registered | Effective date: 20230518 |